[Qa-jenkins-scm] [jenkins.debian.net] 03/04: reproducible_openwrt|lede: node_save_logs: check input and hardcode paths

[Holger Levsen]

This is an automated email from the git hooks/post-receive script.

holger pushed a commit to branch master
in repository jenkins.debian.net.

commit e519b9aad5475758b36cfebfcdd3fec9c484c3fa
Author: Alexander Couzens <lynxis at fe80.eu>
Date:   Thu Oct 13 02:12:21 2016 +0200

    reproducible_openwrt|lede: node_save_logs: check input and hardcode paths
    
    improves the security if called over ssh and simplify the script.
    
    Signed-off-by: Holger Levsen <holger at layer-acht.org>
---
 bin/reproducible_openwrt_common.sh | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/bin/reproducible_openwrt_common.sh b/bin/reproducible_openwrt_common.sh
index 23c2668..3e1098a 100644
--- a/bin/reproducible_openwrt_common.sh
+++ b/bin/reproducible_openwrt_common.sh
@@ -74,11 +74,21 @@ create_results_dirs() {
 	mkdir -p $BASE/$project/dbd
 }
 
+# node_save_logs can be called over ssh OR called within openwrt_build
 node_save_logs() {
-	local TYPE=$1
-	local RUN=$2
+	local tmpdir=$1
 
-	tar cJf "$TMPDIR/$RUN/logs_${TYPE}.tar.xz" logs/
+	if [ "${tmpdir:0:26}" != "/srv/reproducible-results/" ] || [ ${#tmpdir} -le 26 ] ; then
+		echo "Something very strange with \$TMPDIR=$tmpdir exiting instead of doing node_save_logs."
+		exit 1
+	fi
+
+	if [ ! -d "$tmpdir/build/logs" ] ; then
+		# we create an empty tar.xz instead of failing
+		touch "$tmpdir/build_logs.tar.xz"
+	else
+		tar cJf "$tmpdir/build_logs.tar.xz" -C "$tmpdir/build/logs"
+	fi
 }
 
 # RUN - is b1 or b2. b1 for first run, b2 for second
@@ -297,7 +307,7 @@ openwrt_build() {
 	[ "$TYPE" = "openwrt" ] && save_openwrt_results $RUN
 
 	# copy logs
-	node_save_logs $TMPDIR/build_logs.tar.xz $TMPBUILDDIR
+	node_save_logs "$TMPDIR"
 
 	# clean up between builds
 	openwrt_cleanup

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/qa/jenkins.debian.net.git